aboutsummaryrefslogtreecommitdiffstats
path: root/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch')
-rw-r--r--meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch40
1 files changed, 0 insertions, 40 deletions
diff --git a/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch b/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch
deleted file mode 100644
index 1e159bd2f8..0000000000
--- a/meta/recipes-connectivity/bind/bind/bind-CVE-2012-3817.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-bind: fix for CVE-2012-3817
-
-Upstream-Status: Backport
-
-ISC BIND 9.4.x, 9.5.x, 9.6.x, and 9.7.x before 9.7.6-P2; 9.8.x before 9.8.3-P2;
-9.9.x before 9.9.1-P2; and 9.6-ESV before 9.6-ESV-R7-P2, when DNSSEC validation
-is enabled, does not properly initialize the failing-query cache, which allows
-remote attackers to cause a denial of service (assertion failure and daemon exit)
-by sending many queries.
-
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3817
-
-This patch is back-ported from bind-9.3.6-20.P1.el5_8.2.src.rpm package.
-
-Signed-off-by: Ming Liu <ming.liu@windriver.com>
----
- resolver.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
---- a/lib/dns/resolver.c
-+++ b/lib/dns/resolver.c
-@@ -8318,6 +8318,7 @@ dns_resolver_addbadcache(dns_resolver_t
- goto cleanup;
- bad->type = type;
- bad->hashval = hashval;
-+ bad->expire = *expire;
- isc_buffer_init(&buffer, bad + 1, name->length);
- dns_name_init(&bad->name, NULL);
- dns_name_copy(name, &bad->name, &buffer);
-@@ -8329,8 +8330,8 @@ dns_resolver_addbadcache(dns_resolver_t
- if (resolver->badcount < resolver->badhash * 2 &&
- resolver->badhash > DNS_BADCACHE_SIZE)
- resizehash(resolver, &now, ISC_FALSE);
-- }
-- bad->expire = *expire;
-+ } else
-+ bad->expire = *expire;
- cleanup:
- UNLOCK(&resolver->lock);
- }